[openssl-users] FIPS certification for openssl

Salz, Rich rsalz at akamai.com
Wed Nov 29 16:53:43 UTC 2017

> That said, it wouldn't hurt for the OMC to post a message to the list stating that business will continue as planned, since two very key figures have left the project.

I have two reactions, just my personal view.  First, it’s premature to say anything, we’re still figuring things out. Second, what open source project can guarantee that things will continue as they were after people left?  Or the larger question, what guarantees can any project really make?

➢ Indeed, over the past few years I have seen an increasing tendency to hide monumental news in the blog, in press releases etc.

To pick a nit, it’s just the blog.  The press release was copied to the blog, and I don’t know of anything that would qualify as “etc” -- can you remind me?  We started using the blog because we thought it would be a better way to get higher-quality information out, without being swallowed up by the volume of email messages.

➢  Anywhere but the well established and independently archived public mailing lists.
It’s not the same Internet that it used to be…  Lots of discussion happens on GitHub issues these days, which I’m not thrilled with either.  (Hey you kids, get off my lawn.)   It seems that posting a note to the lists would be useful whenever we post a blog entry?  

>    One really has to wonder if this is still OpenSSL that the world has known and loved for 20 years, or just some expensive imitation.

I am biased, but I believe the project is better, by almost any metric, then it used to be.  If you have specific suggestions for how you think it could be improved, it would be great to see them.

More information about the openssl-users mailing list